The invention relates to a computer device and system for random number distribution over a network.
The exponential growth of networks such as the Internet has shaped the new economic and cultural society in which we live in. These networks are made of countless numbers of machines that enable its users to share and access a vast amount of information in a short period of time.
Two clear trends are accountable for this situation. The first is the convergence of infrastructure and shared services that are giving rise to so-called cloud computing. Cloud computing allows enterprises and organizations to get their applications up and running faster, with easier manageability and less maintenance. It also enables IT to adjust IT resources (such as servers, storage, and networking) more rapidly to meet fluctuating and unpredictable demands. The second trend is the proliferation of devices that connect with other devices through networks. Machine-to-Machine (M2M) allows networked machines to exchange information and perform actions without the manual assistance of humans.
Often, the information transiting over these networks is destined for a specific user and thus carries a certain level of trust and confidentiality. This is typically achieved using so-called cryptographic algorithms: mathematical manipulations of information that enable different protection levels such as authentication of the communicating parties, or integrity and privacy of the exchanged information. The primary ingredient of most cryptographic algorithms is a secret key. It is used by the algorithm to, e.g., blind the relevant information in transit. Secret keys are a sequence of unpredictable numbers with uniform distribution. They are produced from random numbers and should remain unpredictable to any unauthorized users.
Random numbers however are difficult to produce as the software applications that require them are limited by their deterministic nature. Indeed, machines cannot rely on their own operating systems to produce random numbers and must seek random events from physical random phenomena that they can have access to. Peripheral activity such as mouse movements, keyboard strokes, and hard disk motion are typical examples of randomness sources.
In many cases however there is a flagrant lack of peripherals. Data centre servers for example are not connected to mice or keyboards. To make matters worse, these same servers often perform virtualization in an effort to reduce costs thereby increasing the demand for the server's different resources including the available randomness. The lack of peripherals also affects other machines such as hand held devices. Indeed, smart phones and tablets are now allowing users to perform more sophisticated and confidential tasks such as accessing email accounts or online banking. Without the ability to produce good quality secret keys, these tasks become major security loopholes putting the user at risk.
In the absence of sufficient peripherals it is common practice to use a pseudo random number generator (PRNG). A PRNG is a deterministic algorithm for generating a sequence of uniformly distributed numbers that only approximates the properties of genuine random numbers. The sequence is not truly random in that it is completely determined by a relatively small set of initial parameters and eventually repeats due to the finiteness of the machine on which it is running. To initialize a sequence, the algorithm employs an internal state of the machine (called a seed) such as the machine's current time. The algorithm will always produce the same sequence thereafter when initialized with the same seed. Even though the finite period of certain PRNGs can be very long, this resource becomes meaningless in a cryptographic context if an untrusted unauthorized party can correctly guess the PRNG algorithm as well as the initial seed used to generate the random numbers. Several attacks targeting pseudo random number generators have been cited over the last decade (see e.g., www.isoc.org/isoc/conferences/ndss/10/pdf/15.pdf).
A cryptographically safer alternative in generating secret keys is to use a hardware random number generator (HRNG). A HRNG is an apparatus that generates uniformly distributed random numbers from a physical process. Such devices are often based on physical systems such as thermal noise, avalanche noise, or time drift. Depending on the generation rate of the HRNG and the requirements of a given machine, the HRNG can either feed the machine locally (e.g. the HRNG is installed on the mother board or connected via USB) or at a distance (e.g. through a network). The former method is equivalent, from the machine's perspective, to having access to a physical peripheral producing good quality randomness (such as a mouse or keyboard). The latter is equivalent, from the machine's perspective, to having access to a virtual peripheral connected to a delocalized source of good quality randomness distributing random numbers over a network. In this case a machine requests random numbers over the said network whenever its applications are in need of random numbers. These applications will then go on to produce secret keys and apply cryptographic algorithms that will enable secure communication with other machines standing on the same or different network.
Delocalizing and distributing random numbers through a single (or several), HRNG(s) deployed within a network to provision a number of machines is a recent idea that offers many advantages. Most importantly this centralized approach reduces the cost of ownership and management of resources. Indeed, given the size of modern datacentres which can host tens of thousands of servers, installing, running and maintaining a HRNG such as a USB key on each of these servers can rapidly become a daunting and expensive task.
Delocalizing random number generation however raises two problems. The first problem is to guarantee the availability of sufficient random numbers for the myriad of machines connected to the random number generating source. New designs of high-bandwidth HRNGs such as the quantum based HRNG described in WO 2011/023501, can solve this problem.
The second and most important problem concerns the security of the distributed random numbers. In order to be suitable for cryptographic applications, the random numbers requested and consumed by a server must provide a certain level of trust and privacy.